src/java/org/mxchange/addressbook/beans/login/AddressbookUserLoginWebSessionBean.java

   1 /*
   2  * Copyright (C) 2016 Roland Häder
   3  *
   4  * This program is free software: you can redistribute it and/or modify
   5  * it under the terms of the GNU Affero General Public License as
   6  * published by the Free Software Foundation, either version 3 of the
   7  * License, or (at your option) any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  * GNU Affero General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Affero General Public License
  15  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16  */
  17 package org.mxchange.addressbook.beans.login;
  18
  19 import java.text.MessageFormat;
  20 import java.util.Collections;
  21 import java.util.List;
  22 import java.util.Objects;
  23 import javax.annotation.PostConstruct;
  24 import javax.enterprise.context.SessionScoped;
  25 import javax.enterprise.event.Event;
  26 import javax.enterprise.event.Observes;
  27 import javax.enterprise.inject.Any;
  28 import javax.faces.context.FacesContext;
  29 import javax.faces.view.facelets.FaceletException;
  30 import javax.inject.Inject;
  31 import javax.inject.Named;
  32 import javax.naming.Context;
  33 import javax.naming.InitialContext;
  34 import javax.naming.NamingException;
  35 import org.mxchange.addressbook.beans.BaseAddressbookController;
  36 import org.mxchange.addressbook.beans.user.AddressbookUserWebSessionController;
  37 import org.mxchange.jusercore.container.login.LoginContainer;
  38 import org.mxchange.jusercore.container.login.UserLoginContainer;
  39 import org.mxchange.jusercore.events.login.ObservableUserLoggedInEvent;
  40 import org.mxchange.jusercore.events.login.UserLoggedInEvent;
  41 import org.mxchange.jusercore.events.logout.ObservableUserLogoutEvent;
  42 import org.mxchange.jusercore.events.logout.UserLogoutEvent;
  43 import org.mxchange.jusercore.events.user.password_change.ObservableUpdatedUserPasswordEvent;
  44 import org.mxchange.jusercore.exceptions.UserNotFoundException;
  45 import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
  46 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
  47 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
  48 import org.mxchange.jusercore.model.login.UserLoginSessionBeanRemote;
  49 import org.mxchange.jusercore.model.user.User;
  50 import org.mxchange.jusercore.model.user.UserUtils;
  51 import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
  52 import org.mxchange.jusercore.model.user.password_history.UserPasswordHistorySessionBeanRemote;
  53 import org.mxchange.jusercore.model.user.profilemodes.ProfileMode;
  54 import org.mxchange.jusercore.model.user.status.UserAccountStatus;
  55
  56 /**
  57  * A web bean for user registration
  58  * <p>
  59  * @author Roland Häder<roland@mxchange.org>
  60  */
  61 @Named ("userLoginController")
  62 @SessionScoped
  63 public class AddressbookUserLoginWebSessionBean extends BaseAddressbookController implements AddressbookUserLoginWebSessionController {
  64
  65         /**
  66          * Path name for guest base template
  67          */
  68         private static final String GUEST_BASE_TEMPLATE_NAME = "guest/guest"; //NOI18N
  69
  70         /**
  71          * Path name for logged-in user base template
  72          */
  73         private static final String USER_BASE_TEMPLATE_NAME = "login/user/user"; //NOI18N
  74
  75         /**
  76          * Serial number
  77          */
  78         private static final long serialVersionUID = 47_828_986_719_691_592L;
  79
  80         /**
  81          * Template type for pages that might be displayed in guest area and login
  82          * area.
  83          */
  84         private String baseTemplatePathName;
  85
  86         /**
  87          * Current password
  88          */
  89         private String currentPassword;
  90
  91         /**
  92          * Logged-in user instance
  93          */
  94         private User loggedInUser;
  95
  96         /**
  97          * User controller
  98          */
  99         @Inject
 100         private AddressbookUserWebSessionController userController;
 101
 102         /**
 103          * Flag whether the user has logged-in, set only from inside
 104          */
 105         private boolean userLoggedIn;
 106
 107         /**
 108          * EJB for user-login
 109          */
 110         private UserLoginSessionBeanRemote userLoginBean;
 111
 112         /**
 113          * Event fired when user has logged in
 114          */
 115         @Inject
 116         @Any
 117         private Event<ObservableUserLoggedInEvent> userLoginEvent;
 118
 119         /**
 120          * Event fired when user has logged out
 121          */
 122         @Inject
 123         @Any
 124         private Event<ObservableUserLogoutEvent> userLogoutEvent;
 125
 126         /**
 127          * User's password history
 128          */
 129         private List<PasswordHistory> userPasswordHistory;
 130
 131         /**
 132          * EJB for user's password history
 133          */
 134         private UserPasswordHistorySessionBeanRemote userPasswordHistoryBean;
 135
 136         /**
 137          * Default constructor
 138          */
 139         public AddressbookUserLoginWebSessionBean () {
 140                 // Defaul template is guest
 141                 this.baseTemplatePathName = GUEST_BASE_TEMPLATE_NAME;
 142         }
 143
 144         /**
 145          * Method being call after user's password has been updated (and history
 146          * entry has been created).
 147          * <p>
 148          * @param event Event being observed
 149          */
 150         public void afterUserUpdatedPasswordEvent (@Observes final ObservableUpdatedUserPasswordEvent event) {
 151                 // Check parameter
 152                 if (null == event) {
 153                         // Throw NPE
 154                         throw new NullPointerException("event is null"); //NOI18N
 155                 } else if (event.getPasswordHistory() == null) {
 156                         // Throw NPE again
 157                         throw new NullPointerException("event.passwordHistory is null"); //NOI18N
 158                 } else if (event.getPasswordHistory().getUserPasswordHistoryId() == null) {
 159                         // ... and again
 160                         throw new NullPointerException("event.passwordHistory.userPasswordHistoryId is null"); //NOI18N
 161                 } else if (event.getPasswordHistory().getUserPasswordHistoryId() < 1) {
 162                         // Invalid value
 163                         throw new IllegalArgumentException(MessageFormat.format("event.passwordHistory.userPasswordHistoryId={0} is in valid", event.getPasswordHistory().getUserPasswordHistoryId())); //NOI18N
 164                 }
 165
 166                 // All fine, so update list
 167                 this.updatePasswordHistory(event.getPasswordHistory());
 168         }
 169
 170         @Override
 171         public String doAdminLogout () {
 172                 // Is a user logged-in?
 173                 if (this.isUserLoggedIn()) {
 174                         // Call other logout
 175                         return this.doUserLogout();
 176                 }
 177
 178                 // Invalidate session
 179                 FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
 180
 181                 // Set template type to guest
 182                 this.setBaseTemplatePathName(GUEST_BASE_TEMPLATE_NAME); //NOI18N
 183
 184                 // Redirect to index
 185                 return "index?faces-redirect=true"; //NOI18N
 186         }
 187
 188         @Override
 189         public String doUserLogin () {
 190                 // Get user instance
 191                 User user = this.userController.createUserLogin();
 192
 193                 // Create login container
 194                 LoginContainer container = new UserLoginContainer(user, this.userController.getUserPassword());
 195
 196                 try {
 197                         // Call bean
 198                         User confirmedUser = this.userLoginBean.validateUserAccountStatus(container);
 199
 200                         // All fine here so set it here
 201                         this.setLoggedInUser(confirmedUser);
 202
 203                         // Retrieve user's password list
 204                         this.userPasswordHistory = this.userPasswordHistoryBean.getUserPasswordHistory(confirmedUser);
 205
 206                         // Set template to "login"
 207                         this.setBaseTemplatePathName(USER_BASE_TEMPLATE_NAME); //NOI18N
 208
 209                         // Fire event away. Keep this last before return statement.
 210                         this.userLoginEvent.fire(new UserLoggedInEvent(confirmedUser));
 211
 212                         // Clear this bean
 213                         this.clear();
 214
 215                         // All fine
 216                         return "login"; //NOI18N
 217                 } catch (final UserNotFoundException | UserStatusLockedException | UserStatusUnconfirmedException ex) {
 218                         // Show JSF message
 219                         this.showFacesMessage("form_user_login:userName", ex); //NOI18N
 220                         return ""; //NOI18N
 221                 } catch (final UserPasswordMismatchException ex) {
 222                         // Show JSF message
 223                         this.showFacesMessage("form_user_login:userPassword", ex); //NOI18N
 224                         return ""; //NOI18N
 225                 }
 226         }
 227
 228         @Override
 229         public String doUserLogout () {
 230                 // Is loggedInUser set?
 231                 if (this.getLoggedInUser() == null) {
 232                         // Throw NPE
 233                         throw new NullPointerException("this.loggedInUser is null"); //NOI18N
 234                 } else if (this.getLoggedInUser().getUserId() == null) {
 235                         // Throw again
 236                         throw new NullPointerException("this.loggedInUser.userId is null"); //NOI18N
 237                 } else if (this.getLoggedInUser().getUserId() < 1) {
 238                         // Invalid user id
 239                         throw new IllegalStateException(MessageFormat.format("this.loggedInUser.userId={0} is not valid.", this.getLoggedInUser().getUserId())); //NOI18N
 240                 }
 241
 242                 // Fire event
 243                 this.userLogoutEvent.fire(new UserLogoutEvent(this.getLoggedInUser()));
 244
 245                 // Invalidate session
 246                 FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
 247
 248                 // Unset any user instances
 249                 this.setLoggedInUser(null);
 250                 this.setBaseTemplatePathName(GUEST_BASE_TEMPLATE_NAME); //NOI18N
 251
 252                 // Redirect to index
 253                 return "index"; //NOI18N
 254         }
 255
 256         @Override
 257         public String getBaseTemplatePathName () {
 258                 return this.baseTemplatePathName;
 259         }
 260
 261         @Override
 262         public void setBaseTemplatePathName (final String baseTemplatePathName) {
 263                 this.baseTemplatePathName = baseTemplatePathName;
 264         }
 265
 266         @Override
 267         public String getCurrentPassword () {
 268                 return this.currentPassword;
 269         }
 270
 271         @Override
 272         public void setCurrentPassword (final String currentPassword) {
 273                 this.currentPassword = currentPassword;
 274         }
 275
 276         @Override
 277         public User getLoggedInUser () {
 278                 return this.loggedInUser;
 279         }
 280
 281         @Override
 282         public void setLoggedInUser (final User loggedInUser) {
 283                 this.loggedInUser = loggedInUser;
 284         }
 285
 286         @Override
 287         public List<PasswordHistory> getUserPasswordHistory () {
 288                 return Collections.unmodifiableList(this.userPasswordHistory);
 289         }
 290
 291         @Override
 292         public boolean ifCurrentPasswordMatches () {
 293                 // The current password must be set and not empty
 294                 if (this.getCurrentPassword() == null) {
 295                         // Is not set
 296                         throw new NullPointerException("this.currentPassword is null"); //NOI18N
 297                 } else if (this.getCurrentPassword().isEmpty()) {
 298                         // Is set empty
 299                         throw new IllegalStateException("this.currentPassword is empty."); //NOI18N
 300                 }
 301
 302                 // Create "container"
 303                 LoginContainer container = new UserLoginContainer(this.getLoggedInUser(), this.getCurrentPassword());
 304
 305                 // Now check if it matches
 306                 return UserUtils.ifPasswordMatches(container, this.getLoggedInUser());
 307         }
 308
 309         @Override
 310         public boolean ifUserMustChangePassword () {
 311                 return (this.isUserLoggedIn() && this.getLoggedInUser().getUserMustChangePassword());
 312         }
 313
 314         /**
 315          * Post-construction method
 316          */
 317         @PostConstruct
 318         public void init () {
 319                 try {
 320                         // Get initial context
 321                         Context context = new InitialContext();
 322
 323                         // Try to lookup
 324                         this.userLoginBean = (UserLoginSessionBeanRemote) context.lookup("java:global/addressbook-ejb/login!org.mxchange.jusercore.model.login.UserLoginSessionBeanRemote"); //NOI18N
 325
 326                         // Also find this
 327                         this.userPasswordHistoryBean = (UserPasswordHistorySessionBeanRemote) context.lookup("java:global/addressbook-ejb/userPasswordHistory!org.mxchange.jusercore.model.user.password_history.UserPasswordHistorySessionBeanRemote"); //NOI18N
 328                 } catch (final NamingException ex) {
 329                         // Continue to throw
 330                         throw new FaceletException(ex);
 331                 }
 332         }
 333
 334         @Override
 335         public boolean isInvisible () {
 336                 // Check on login
 337                 if (!this.isUserLoggedIn()) {
 338                         // Not logged in!
 339                         throw new IllegalStateException("isInvisible() has been invoked for a guest."); //NOI18N
 340                 }
 341
 342                 // Check logged-in first, then invisibility
 343                 return this.getLoggedInUser().getUserProfileMode().equals(ProfileMode.INVISIBLE);
 344         }
 345
 346         @Override
 347         public boolean isPasswordInHistory (final String userPassword) {
 348                 // Default is not found
 349                 boolean isPasswordInHistory = false;
 350
 351                 // Init variables
 352                 int count = 1;
 353                 int maxEntries = this.getIntegerContextParameter("max_user_password_history"); //NOI18N
 354
 355                 // Check all passwords
 356                 for (final PasswordHistory entry : this.getUserPasswordHistory()) {
 357                         // Is password the same?
 358                         if (UserUtils.ifPasswordMatches(userPassword, entry.getUserPasswordHistoryUser())) {
 359                                 // Yes, found it
 360                                 isPasswordInHistory = true;
 361                                 break;
 362                         } else if (count == maxEntries) {
 363                                 // Maximum reached
 364                                 break;
 365                         }
 366
 367                         // Count up
 368                         count++;
 369                 }
 370
 371                 // Return status
 372                 return isPasswordInHistory;
 373         }
 374
 375         @Override
 376         public boolean isUserLoggedIn () {
 377                 this.userLoggedIn = ((this.getLoggedInUser() instanceof User) && (Objects.equals(this.getLoggedInUser().getUserAccountStatus(), UserAccountStatus.CONFIRMED)));
 378
 379                 // Return it
 380                 return this.userLoggedIn;
 381         }
 382
 383         /**
 384          * Clears this bean
 385          */
 386         private void clear () {
 387                 // Clear all fields
 388                 this.setCurrentPassword(null);
 389         }
 390
 391         /**
 392          * Updates password history by adding given entry to it as long as it is not
 393          * there.
 394          * <p>
 395          * @param passwordHistory Password history entry
 396          */
 397         private void updatePasswordHistory (final PasswordHistory passwordHistory) {
 398                 if (null == passwordHistory) {
 399                         // Throw NPE
 400                         throw new NullPointerException("passwordHistory is null"); //NOI18N
 401                 } else if (passwordHistory.getUserPasswordHistoryId() == null) {
 402                         // Throw NPE again
 403                         throw new NullPointerException("passwordHistory.userPasswordHistoryId is null"); //NOI18N
 404                 } else if (passwordHistory.getUserPasswordHistoryId() < 1) {
 405                         // Invalid id
 406                         throw new IllegalArgumentException(MessageFormat.format("passwordHistory.userPasswordHistoryId={0} is not valid.", passwordHistory.getUserPasswordHistoryId())); //NOI18N
 407                 }
 408
 409                 // Is it there?
 410                 if (this.userPasswordHistory.contains(passwordHistory)) {
 411                         // Excact copy found
 412                         return;
 413                 }
 414
 415                 // Check all entries
 416                 for (final PasswordHistory entry : this.userPasswordHistory) {
 417                         // Is same id number?
 418                         if (Objects.equals(entry.getUserPasswordHistoryId(), passwordHistory.getUserPasswordHistoryId())) {
 419                                 // Found it
 420                                 return;
 421                         }
 422                 }
 423
 424                 // Not found, so add it
 425                 this.userPasswordHistory.add(passwordHistory);
 426         }
 427
 428 }